Introduction to SNMP

Imagine you have a large network that has many switches and routers, a dozen servers and hundreds of workstations…wouldn’t it be great if you could monitor all those devices somehow? Using a NMS (Network Management System) it’s possible to monitor all devices in your network. Whenever something bad happens (like an interface that goes down) you will receive an e-mail or text message on your phone so you can respond to it immediately.

Sounds good?

Back in the 80s, some smart folks figured out that we should have something to monitor all IP based network devices. The idea was that most devices like computers, printers, and routers share some characteristics. They all have an interface, an IP address, a hostname, buffers and so on.

They created a database with variables that could be used to monitor different items of network devices and this resulted in SNMP (Simple Network Management Protocol).

SNMP runs on the application layer and consists of a SNMP manager and a SNMP agent. The SNMP manager is the software that is running on a pc or server that will monitor the network devices, the SNMP agent runs on the network device.

The database that I just described is called the MIB (Management Information Base) and an object could be the interface status on the router (up or down) or perhaps the CPU load at a certain moment. An object in the MIB is called an OID (Object Identifier).

The SNMP manager will be able to send periodic polls to the router and it will use store this information. This way it’s possible to create graphs to show you the CPU load or interface load from the last 24 hours, week, month or whatever you like.

It’s also possible to configure your network devices through SNMP. This might be useful to configure a large number of switches or routers from your network management system so you don’t have to telnet/ssh into each device separately to make changes.

The packet that we use to poll information is called a SNMP GET message and the packet that is used to write a configuration is a SNMP SET message.

Network Management System

To give you an example of what a NMS looks like, I’ll show you some screenshots of Observium.

Observium is a free SNMP based network monitoring platform which can monitor Cisco, Linux, Windows and some other devices. It’s easy to install so if you never worked with SNMP or monitoring network devices before I can highly recommend giving it a try. You can download it at http://www.observium.org.

Here’s what it looks like:

Above you see an overview of all the devices that our NMS manages. There are two linux devices, two Cisco devices and there’s a VMWare ESXi server. You can see the uptime of all devices.

Let’s take a closer look at one of the Cisco devices:

This switch is called “mmcoreswitch01” and it’s a Cisco Catalyst 3560E. It gives us a nice overview of the CPU load, the temperature and the interfaces that are up or down.

Let’s take a closer look at the temperature of this switch:

Here’s the temperature of this switch from the last month. When the temperature exceeds a certain value (let’s say 50 degrees Celcius) then we can tell our NMS to send us an e-mail.

Let’s take a look at an interface of this switch:

Here’s an overview of the VLAN 10 interface. You can see how much traffic is sent and received on this interface. We can zoom in one one the graphs if we want:

This gives a nice overview of how much traffic was sent in the last 24 hours of this particular interface.

I hope this gives you an idea of what a NMS looks like and why this might be useful. If you want to take a look at Observium yourself you can use the live demo on their website:

SNMP Messages

All the information that Observium shows us is retrieved by using SNMP GET messages:

The NMS will send SNMP GET messages to request the current state of certain OIDs every few minutes or so. This is great for monitoring the temperature or traffic statistics but the downside of using these SNMP GET messages is that it might take a few minutes for the NMS to discover that an interface is down.

Besides using SNMP GET messages, a SNMP agent can also send SNMP traps. A trap is a notification that it sent immediately as soon as something occurs, for example, an interface that goes down:

As soon as something bad happens (like the interface that goes down) the SNMP agent will send a SNMP trap immediately to the NMS. The NMS will respond by sending you an e-mail, text message or a notification on the screen.

These SNMP trap messages sound like a good idea but there’s one problem with them…there is no acknowledgment for the SNMP trap, so you never know if the trap made it to the NMS or not. SNMP version 3 deals with this problem with an alternative message which uses an acknowledgment called the inform message.

OID (Object Identifier)

We can use a NMS to monitor one of our network devices but how do we exactly know what to monitor? There are so many things we could check for…a single interface on a router has over 20 things we could check: input/output errors, sent/received packets, interface status, and so on. Each of these things to check has a different OID (Object Identifier).

Since there are so many OIDs, the MIB is organized into a hierarchy that looks like a tree. In this tree, you will find a number of branches with OIDs that are based on RFC standards but you will also find some vendor specific variables. Cisco, for example, has variables to monitor EIGRP and other Cisco protocols.

Let me give you an example of this tree by showing where the ‘hostname’ and ‘domainname’ objects are located.

We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is why:

Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.

Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!

We have already seen in this lesson the usage of SNMP GET sent from the SNMP Manager is to gather a specific object instance from the SNMP agent.

Or The GETNEXT command requests a list of instances from a remote entity, but expects the next variable in the tree back. So meaning If a GETNEXT is issued on an object then the agent MUST return the next instance in the MIB tree.

New Lessons

Testimonials

Just Perfect

I like the way that Rene organizes the lessons and the courses. His explanations are clear and with simple examples. It's just perfect and very easy to understand. I would like to recommend NetworkLessons.com for everyone who is interested in networking.

Heng SovandaraNetwork EngineerSeptember 22, 2018

Learning In Plain English

I will personally recommend NetworkLessons.com to anyone wanting to seek more knowledge in networking. It's because their course SCHEDULES are very well defined, LABS are perfectly outlined and all network CONCEPTS are excellently presented in plain and understandable English.

John YuoganNetwork SpecialistSeptember 12, 2016

Simplicity, Objectivity & Clarity

One year ago I had no knowledge in network subjects. All I knew about it, was just a user knowledge. When I decided to learn about the "Network world", the CISCO certification and so on, I started to search for sites and materials on the internet. I found many, but none has the same quality of NetworkLessons.com. NetworkLessons.com explains in a simple way, with objectivity and clarity. It explains from the beginning, gives tips for how you can study for yourself. I can really recommend! Today I am CCNA R&S certified (2 month ago) and I have to thank NetworkLessons.com. Disregarding the CISCO material, NetworkLessons.com was the only site that I used to study, and the only one that I am using as a guide to prepare myself for CCNP certifications too.

Rafael NevesNetwork EngineerSeptember 10, 2015

Awesome R&S Tour Guide

Climbing the Cisco R&S 'mountain' with NetworkLessons.com as your ultimate 'travel tour guide'! Everyone who strives to become a (better) networking/R&S professional and uses NetworkLessons.com as a daily resource is right on target! We 'strivers' need the best to guide us to the top of the network/R&S mountain! We all know how hard and demanding this IT/R&S journey is! To us, the Cisco R&S pyramid is perfect and pretty. Networking technologies, routing & switching is full of pitfalls. NetworkLessons.com provides truly one of the best guides. Rene inspired me greatly over the years, presenting his wealth of knowledge on GNS3Vault.com and Networklessons.com and I have watched, listened and learned a heck of a lot. He has inspired me to reach my goals and I don't see myself slowing down. Thank you Rene and team! It's truly a great journey!

Scottie Melvin KlemtSenior Network EngineerJanuary 14, 2019

Absolutely Brilliant

"Networking in Plain English" - this is what's promised and is delivered by Networklessons.com. I regularly visit the courses and lessons to understand a lot of complicated concepts.

Muhammad JavedNetwork AdministratorApril 15, 2016

Passed my CCNA!

NetworkLessons.com played a big part in passing my CCNA/CCNA security certifications. With all the lessons, labs and help from Rene in the forum, it truly feels like you are in a classroom environment. I strongly recommend NetworkLessons.com to all my colleagues and friends interested in Cisco certifications and networking.

Juan IniguezField EngineerJanuary 11, 2016

Start Understanding Network Principles

If you are looking a place to understand network principles clearly, come to NetworkLessons.com. They start from dummy to move to experts level. I am not yet an expert, but topics are getting better and more clear in my mind every time I visit NetworkLessons.com!

Dervain LegbouNetwork EngineerJanuary 4, 2018

Very Helpful

Very good explanations, which are accurate and to the point. Thanks Rene!

Aata El HamssSystem DesignerApril 15, 2016

Great Training Resource

What makes NetworkLessons.com unique from other training materials is that with others you start feeling bored and quit reading after a few lines. While with NetworkLessons.com, once you start reading you'll find yourself more eager to finish a lesson to see the results! The excited, simple and get to the point way of teaching is what makes me save time and money to master many networking technologies. I am always looking forward to their new lessons!

Ahmad DhaherNetwork EngineerJune 21, 2016

Taking Network Technologies to the Street

The lead instructor Rene has the ability to explain the most complex concept into very straightforward and easy to understand units. Studying with NetworkLessons.com has changed the course of my career for the best and I will never stop recommending his lessons, books, website and videos. Thank you Rene (and your crew), for your great work!

Wandjlaye GodweNetwork EngineerJanuary 7, 2017

Great Site!

I really appreciate Rene's ability to clearly explain complicated material and the examples he provides. NetworkLessons.com is a great resource for me and I come here first when I have a Cisco-related task to learn. Thanks Rene!

Sean CasonSenior Network AdministratorMay 9, 2016

Amazing Site

NetworkLessons.com explains complex and hard to understand networking concepts in just plain English. It's hard to miss the concepts. Thank you for all of your hard work. It did help me, and will definitely help somebody else.